Generate CSR using SAPGENPSE

Similar Messages

• Generate CSR using API method??

  Hi all ,
  I have this piece of code below using JDK 1.3 and BouncyCastel Provider
  //some other import ... i am using bouncyCastle Provider
  import javax.crypto.Cipher;
  import org.bouncycastle.jce.PKCS10CertificationRequest;
  import org.bouncycastle.asn1.x509.X509Name;
  public class test
  public static void main(String []args) throws Exception
  Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
  KeyStore ks=KeyStore.getInstance("JKS");
  ks.load(new FileInputStream("test.keystore"),"one1234".toCharArray());
  Enumeration e = ks.aliases();
  X509Certificate c=null;
  while(e.hasMoreElements())
  String alias = e.nextElement().toString();
  if(ks.isKeyEntry(alias))
  c = (X509Certificate) ks.getCertificate(alias);
  break;
  String subject = c.getSubjectDN().getName();
  X509Name xname = new X509Name(subject);
  PrivateKey priv = (PrivateKey) ks.getKey("mykey","one1234".toCharArray());
  PublicKey pub = (PublicKey) c.getPublicKey();
  PKCS10CertificationRequest csr = new PKCS10CertificationRequest("MD5WithRSA",xname, pub,null,priv);
  byte buf[] = csr.getEncoded();
  FileOutputStream os = new FileOutputStream("request.crt");
  OutputStreamWriter wr = new OutputStreamWriter(os);
  wr.write("-----BEGIN NEW CERTIFICATE REQUEST-----\n");
  wr.write(new sun.misc.BASE64Encoder().encode(buf));
  wr.write("\n-----END NEW CERTIFICATE REQUEST-----\n");
  wr.flush();
  The coding Was OKAY and ran successfully...
  The Problem is i want to get the same result as if i generate a csr using KEYTOOL utility...
  BUT somehow i got different result , is it due because of signature algorithm or encoding??
  Please help me ....
  Thanks....

  Unfortunately, I don't believe this can be done conveniently using the JCE providers from Sun. The dname components are actually kept in a self-signed certificate that is bound to the alias for the key. The KeyStore class lets you do this using the KeyStore.setKeyEntry methods, and perhaps also the KeyStore.setCertificateEntry method (caveat: I haven't actually tested this).
  The difficulty lies in the need to generate a certificate: there's no API for this. keytool evidently implements some custom method to generate a certificate. You can try something similar, but I suspect it would be quite painful.
  Possibly less painful is to use the bouncycastle provider. It contains classes and methods to generate certificates. See http://www.bouncycastle.org/docs/docs1.5/index.html and in particular the certificate generators at http://www.bouncycastle.org/docs/docs1.5/org/bouncycastle/x509/package-summary.html

• Generate CSR using API problem??

  Hi all ,
  I have this piece of code below using JDK 1.3 and BouncyCastel Provider
  //some other import ... i am using bouncyCastle Provider
  import javax.crypto.Cipher;
  import org.bouncycastle.jce.PKCS10CertificationRequest;
  import org.bouncycastle.asn1.x509.X509Name;
  public class test
  public static void main(String []args) throws Exception
  Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
  KeyStore ks=KeyStore.getInstance("JKS");
  ks.load(new FileInputStream("test.keystore"),"one1234".toCharArray());
  Enumeration e = ks.aliases();
  X509Certificate c=null;
  while(e.hasMoreElements())
  String alias = e.nextElement().toString();
  if(ks.isKeyEntry(alias))
  c = (X509Certificate) ks.getCertificate(alias);
  break;
  String subject = c.getSubjectDN().getName();
  X509Name xname = new X509Name(subject);
  PrivateKey priv = (PrivateKey) ks.getKey("mykey","one1234".toCharArray());
  PublicKey pub = (PublicKey) c.getPublicKey();
  PKCS10CertificationRequest csr = new PKCS10CertificationRequest("MD5WithRSA",xname, pub,null,priv);
  byte buf[] = csr.getEncoded();
  FileOutputStream os = new FileOutputStream("request.crt");
  OutputStreamWriter wr = new OutputStreamWriter(os);
  wr.write("-----BEGIN NEW CERTIFICATE REQUEST-----\n");
  wr.write(new sun.misc.BASE64Encoder().encode(buf));
  wr.write("\n-----END NEW CERTIFICATE REQUEST-----\n");
  wr.flush();
  The coding Was OKAY and ran successfully...
  The Problem is i want to get the same result as if i generate a csr using KEYTOOL utility...
  BUT somehow i got different result , is it due because of signature algorithm or encoding??
  Please help me ....
  Thanks....
  God Bless..

  Hi,
  I think you problem is a kind of bug in STRUST.
  Here is the workaround, I use :
  Get the Verisign certificate on your Windows PC.
  Double click on the cer file, the certificate will be displayed.
  Click on "Certification path", you will see your certificate, the inermediate CA certificate and the root certificate.
  Double click on the Root CA certificate, click on "Details" then export it as Base 64 X.509 cer file.
  Do the same for the intermediate certificate anf for you certificate.
  Then with notepad concatenate the 3 files in one single file in this order :
  Your certificate,
  the intermediate certificate
  the root certificate.
  This will be a text file looking like
  BEGIN CERTIFICATE-----
  END CERTIFICATE-----
  BEGIN CERTIFICATE-----
  END CERTIFICATE-----
  BEGIN CERTIFICATE-----
  END CERTIFICATE-----
  Now try to import this new .cer file.
  It works for me !
  Good luck !
  Regards,
  Olivier

• How to generate CSR (certificate signing request) in PKCS#10 format

  Hi,
  First, I am a novice in security issues.
  Problem:
  I know how to generate CSR using PKCS#10 format with keytool. However I need to implement this functionality in my application. Unfortunately I can't find any docs describing this issue.
  Do anybody know about some API where I just pass data and it will generate CSR for me?
  Many Thanks,
  Miso

  Hi again,
  After a long research I am finally able to generate PKCS#10 cert. request files:
  public static void generatePKCS10() throws Exception {
          // generate PKCS10 certificate request
          KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
          String sigAlg = "MD5WithRSA";
          // generate private key - use java.util.SecureRandom for entropy
          keyGen.initialize(1024, new SecureRandom());
          KeyPair keypair = keyGen.generateKeyPair();
          PublicKey publicKey = keypair.getPublic();
          PrivateKey privateKey = keypair.getPrivate();
          PKCS10 pkcs10 = new PKCS10(publicKey);
          Signature signature = Signature.getInstance(sigAlg);
          signature.initSign(privateKey);
               //common, orgUnit, org, locality, state, country
          X500Name x500Name = new X500Name(
                    "CName",               // CN
                    "OUnit",               // OU
                    "Organization",          // O
                    "Bratislava",          // L
                    "Slovakia",               // S
                    "SK");               // C
          pkcs10.encodeAndSign(new X500Signer(signature, x500Name));
          // PKCS10 request generated
          pkcs10.print(System.out);
  Problem 1:
  However, this generates only a request with X500 subject's name ("CN, OU, O, ..."). But I also want to specify other things like "Key Usage" (example: "Digital Signature, Key Encipherment, etc.") or "Generic IA5 String" (example: "Only for test purposes."). How to do that?
  Problem 2:
  I'm also having trouble to find javadoc for "sun.security" package. As you can see, I'm using "sun.security.pkcs.PKCS10" class for generating CSR in PKCS10 format, but can't find any javadoc for it.
  Many thanks,
  Miso

• SSL Certificate CSR using SH1

  Is it possible to generate CSR using SH1 instead of md5 on Cisco 1841 for SSL VPN, because the provider that I try to use doesn't accept md5. Also tried to import there private key and got an error "Error: invalid PEM boundary" any help would be appreciated

  Well, I have run into the same issue. I'm trying to generate a CSR (certificate signing request) on a Cisco 2821 running IOS 12.4(15)T8 with a SHA signature because StartSSL does not accept CSR's with a MD5 signature anymore.
  According to me the 'hash sha1' command within the crypto pki trustpoint should do the trick, but apparently not. The CSR that is generated is still not accepted by StartSLL claiming it is still signed with a MD5 hash.
  So: How to generate a CSR with a SHA signature?

• Error when using sapgenpse import_own_cert to import a signed certificate

  We have installed a WebDispatcher and want to use SSL and executed the following steps:
  1. Generate Self-Signed Certificate and CSR by:
  sapgenpse get_pse -p SAPSSLS.pse -r SAPSSL.req "CN=emsd3c.cs-apps.carestreamhealth.com, OU=IT, O=Carestream Health, C=US"
  2. User service.sap.com/trust SSL Test Server Certifcated service to signed the CSR which looks like
  BEGIN CERTIFICATE-----
  MIIBpDCCAQ0CAQAwZDELMAkGA1UEBhMCVVMxGjAYBgNVBAoTEUNhcmVzdHJlYW0g
  SGVhbHRoMQswCQYDVQQLEwJJVDEsMCoGA1UEAxMjZW1zZDNjLmNzLWFwcHMuY2Fy
  ZXN0cmVhbWhlYWx0aC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAP+w
  TmRWeRlt1tg5GnjMloRhezO6lRJ1mhgNcWGQTECtAXDVypnznTFhimj3OG1zgW
  gItJ1u4GjvQuYR2w2T92UrV3mnORrlHfpYOBCngRwQWfSaG7Ih5g3NeQ4bAq60Ap
  0BwVg9hTpjZfTXfqYQHyzYPk6Pv9c+l0m3Va/DMfAgMBAAGgADANBgkqhkiG9w0B
  AQUFAAOBgQBw6ipAyPUor96WGIOu93v7jjxE0uLuCMkfjaHnuqpYaOWM7z6XQn
  2jWMwEKG4vsvU1X5azUuqA1yidH5+GXTD0VCbXUqLWZEP6S2FMJXixv/e3QELYrT
  qBee2JDYPAdoMkKX/cwshFwXXo41R/gjEwn6aBDg9jkA70xFZEOjTQ==
  BEGIN CERTIFICATE-----
  The certificated signed by SAP looks like and I have created a file called d3c_test.cer to contain it:
  BEGIN CERTIFICATE-----
  MIIC5zCCAlCgAwIBAgIDANTZMA0GCSqGSIb3DQEBBQUAMFAxCzAJBgNVBAYTAkRF
  MRwwGgYDVQQKExNTQVAgVHJ1c3QgQ29tbXVuaXR5MQ8wDQYDVQQLEwZTZXJ2ZXIx
  EjAQBgNVBAMTCVNlcnZlciBDQTAeFw0wOTA3MjkxNzM4NDVaFw0wOTA5MjcxNzM4
  NDVaMIGAMQswCQYDVQQGEwJERTEcMBoGA1UEChMTU0FQIFRydXN0IENvbW11bml0
  eTEYMBYGA1UECxMPQ2FyZXN0cmVhbUhlYXRoMQswCQYDVQQLEwJJVDEsMCoGA1UE
  AxMjZW1zZDNjLmNzLWFwcHMuY2FyZXN0cmVhbWhlYWx0aC5jb20wgZ8wDQYJKoZI
  hvcNAQEBBQADgY0AMIGJAoGBAPjouDXa5nj8UQN77E53KCn1Xv2mI4uQMwz2cv
  2YLL0086PfLzv+GZgMNsykmFzCAw2Nq2PthvhRhIUSZmCWgF36vN3GnwYPhc3flw
  bvYGkeyFvJ3i3I0xiZTwVdvNDnd/GmLH6VCqCEbIwPXEJJamWop6SumaHl7h5KgV
  aaqPAgMBAAGjgZ0wgZowDAYDVR0TAQH/BAIwADAlBgNVHRIEHjAchhpodHRwOi8v
  c2VydmljZS5zYXAuY29tL1RDUzATBgNVHSUEDDAKBggrBgEFBQcDATAOBgNVHQ8B
  Af8EBAMCBPAwHQYDVR0OBBYEFHBRAASwukLlThOY+NbGKycJGjjIMB8GA1UdIwQY
  MBaAFIHbg/NK+zUYCLkBvbcdW51zNVtJMA0GCSqGSIb3DQEBBQUAA4GBAIxe9gRz
  7UdawNwiIyKo2jvg6P0VnvPRMiyfMJdtbaTarinJmgP2yghMGKx84twvEds9GV42
  xUXbX/AHdgI3ef8N/WXvs15Hi4GnMdb/d7zhz3DAcjajbr7xmFycFFqRSwJ68Kb0
  JF2cZLtwh9G0dJZMbT5ihJ61mCVMXvIbH27s
  END CERTIFICATE-----
  3. Execute the following commend to import SAP's response (d3c_test.cer)
  sapgenpse import_own_cert -c d3c-test.cer -p SAPSSLS.pse
  Receive the following error:
  sapgenpse import_own_cert -c d3c-test.cer -p SAPSSLS.pse
  Please enter PIN: ****
  import_own_cert: Installation of certificate failed
  ERROR in ssf_install_CA_response: (1280/0x0500) Incomplete FCPath, need certificate of CA : "CN=Server CA, OU=Server, O=SAP Trust Community, C=DE"
  ERROR in ssf_install_certs_into_pse: (1280/0x0500) Incomplete FCPath, need certificate of CA : "CN=Server CA, OU=Server, O=SAP Trust Community, C=DE"
  Any help will be appreciated.
  Thanks
  Rivers

  Hi Sri Garimella,
  As you have mentioned above to donwload root certificate also & giv the command as
  sapgenpse -import_own_cert -c d3c-test.cer -p SAPSSLS.pse -r <RootCA_cert_file>.
  Could you please help me from where can i get the RootCA_cert_file ?
  In service market place I am unable to find RootCA_cert_file.
  Could you please elloborate the issue ?
  Regards
  Hari

• CUCM 8.6.2 Generating CSRs With Incorrect Country Code

  Hi folks, I'm running CUCM 8.6.2.25900-8 on a single cluster (1x pub, 4x sub). My CA certs for the tomcat service are due to expire shortly so I've generated CSRs for all the servers and submitted them to our provider. All but one of the requests went through with no issues but one failed because the CSR specified a country code of 'US'. We are in the UK and the four other servers all generated CSRs specifying C=GB.
  Examining the current tomcat cert or issuing "show web-security" on the command-line of the server who's CSR failed also show 'C=GB'
  Looking at the 'set web-security' command it appears that I cannot change the country code.
  Why is the server generating CSRs with 'C=US'?
  How do I change this behaviour such that they are generated with 'C=GB' instead?

  Surprisingly, it has made it all the way to 10.5(x) with the same info and the same error...
  I did found a method to change it via root access, and you might not require root access, but I can't tell for sure as I would need to look at exactly what the contents of the file that TAC changes, but apparently it's just the platformConfig.xml that they need to change and reboot.
  If that's the case, using the utils import config using pretty much all the same info, except the country, would end up with the same outcome.
  Again, not 100% sure but theory says that should do the trick, you can run that thru TAC if you open the case and see what they think about it.

• Generate CSR for Third-Party Certificates

  Hi All,
  i have an issue when i tried to Generate CSR for Third-Party Certificates,
  i follow step by step in the document of cisco until this step:
  3.
  Now that your CSR is ready, copy and paste the CSR information into any CA enrollment tool.
  In order to copy and paste the information into the enrollment form, open the file in a text editor that
  does not add extra characters. Cisco recommends that you use Microsoft Notepad or UNIX vi. Refer
  to the website of the third−party CA for more information on how to submit the CSR through the
  enrollment tool.
  After you submit the CSR to the third−party CA, the third−party CA digitally signs the certificate and
  sends back the signed certificate via e−mail.
  4.
  Copy the signed certificate information that you receive back from the CA into a file.
  This example names the file CA.pem.
  my issue is where i sould copy and paste the CSR information into any CA enrollment tool. i just have done create mykey.pem and myreq.pem in my folder OpenSSL\bin
  Please help and Thanks you.
  Regards,
  Jasa

  you have to do more steps using openssl.
  before you obtain the third−part certificate, you have to copy that on a notepad text, and you have to obtain an intermediate and root certificate from the company that gives you the certificate.
  Then you have to copy and paste on a notepad or gedit:
  SSL (the certificate that they give you)
  Intermediate (the certificate that you obtain from the company that gives you the certificate)
  Root (the certificate that you obtain from the company that gives you the certificate)
  name the text file like: allcerts.pem
  then... you have to run this commands:
  C:\OpenSSL\bin>openssl pkcs12 -export -in allcerts.pem -inkey mykey.pem -out All-certs.p12 -clcerts -passin pass:yourpassword -passout pass:yourpassowrd
  C:\OpenSSL\bin>openssl pkcs12 -in All-certs.p12 -out finalcert.pem -passin pass:yourpassword -passout pass:yourpassword
  Then you are going to have a file named: finalcert.pem, thats the one you have to update to the WLC. please note that on those lines "yourpassword" is the password you use when you create the certificate and its going to be the same that you have to use for upload to WLC.
  Note that you have to use openssl version 0.9.8 because its the only version thats WLC support
  If you have doubts please contact me.
  Have fun!

• Lync 2013 - Generate CSR with EKU and additional SANs?

  Hi,
  I'm in the middle of setting up both an Edge server and Reverse Proxy (Which will be on an F5 appliance). According to
  this article, I have to generate the CSR using powershell to retain interoperability with AOL. After reading
  this article it looks like I can use the same cert on both the Edge and Reverse Proxy, so long as I specify all the SANs in the CSR.
  The problem is, I can't figure out how to generate the CSR in powershell and add additional SANs, like I can in the GUI. But I can't use the GUI because it won't add the client EKU needed for AOL. What's the syntax to add additional SANs via powershell?
  I have read that using powershell will inherit the SAN configuration, but I have found no way to confirm what SANs it is actually requesting, since the CSR is encrypted text.
  EDIT: I should add that our org already has an existing wildcard certificate that we use for other sites, but its SN is *.domain.com (which I believe is not supported) and does not have the additional needed SANs. I assume that this cert cannot be used but
  please let me know if I'm mistaken.
  Thanks in advance.

  Matt,
  Depending on how many of these clients you have will dictate your solution. If you don't have many then you can simply install the Cert chain manually on each PC in the Local Computer > Trusted Root Certificate Authority store.
  If you have tons though you are possibly best getting a public cert which covers your internal namespace also.
  So as long as you are not using some internal name like .local or .internal and you are using the same namespace as your public domain then you are ok.
  You would however need to specify the names you would be using on your reverse proxy server for meetings and dialin and lync discover for mobility on this cert which may be costly!!!!
  So your cert would then have the following for example:
  Subject name:
  sip.mydomain.com
  SAN:
  sip.mydomain.com
  mydomain.com
  lyncfe01.mydomain.com -- INTERNAL Front End Server Name(s)
  lyncpool.mydomain.com -- (If using Enterprise Edition)
  meet.mydomain.com -- Internal users will require this for connecting to the meeting from internally, unless you are forcing them out and back in through your reverse proxy server.
  dialin.mydomain.com -- As above for meet
  lyncdiscover.mydomain.com
  etc.....
  To be honest, if it was me then i would go with manually installing the cert (or use SSCM or whatever you use for client management if possible)
  good Luck
  Martin

• MIDlet signing [openssl approach to generate CSR]

  Guys,
  Here are the questions that needs verification..
  1. Aside from Wireless Toolkit - JadTool.jar, What is another way to sign the MIDlet?
  a. the approach used to generate CSR was openssl.
  2. Is it possible to sign the MIDlet, if the CSR generated is from openssl approach? [Files generated r: .key and .csr] We know that on keytool approach [Files generated r: .keystore, .alias and .csr]
  3. Does Openssl technology is used only for web signing?
  4. Does certificate for web is different from mobile?
  5. Is it possible for one CRT file from Verisign, it can be use to certify WEB and mobile?
  Thanks in advance..
  Edited by: eesbee on Jul 30, 2009 3:03 AM

  Guys,
  Here are the questions that needs verification..
  1. Aside from Wireless Toolkit - JadTool.jar, What is another way to sign the MIDlet?
  a. the approach used to generate CSR was openssl.
  2. Is it possible to sign the MIDlet, if the CSR generated is from openssl approach? [Files generated r: .key and .csr] We know that on keytool approach [Files generated r: .keystore, .alias and .csr]
  3. Does Openssl technology is used only for web signing?
  4. Does certificate for web is different from mobile?
  5. Is it possible for one CRT file from Verisign, it can be use to certify WEB and mobile?
  Thanks in advance..
  Edited by: eesbee on Jul 30, 2009 3:03 AM

• Generating CSR - Illegalargument Exception

  Hi,
  I am using Bouncy Castle API to generate a CSR using the following.
  I am getting
  Exception in thread "main" java.lang.IllegalArgumentException: improperly specified input name: 2345
  at javax.security.auth.x500.X500Principal.<init>(X500Principal.java:109)
  at com.mitel.crypt.CsrGenerator.generateCSR(CsrGenerator.java:55)
  at com.mitel.crypt.CsrGenerator.main(CsrGenerator.java:78)
  Please let me know what is wrong? Doesn't X500Principal get a String?
      X500Principal subjectName = new X500Principal("2345");
              PKCS10CertificationRequest kpGen = new PKCS10CertificationRequest("sha1WithRSA",
                      subjectName,
                      keypair.getPublic(),
                      null,
                      keypair.getPrivate());

  Please let me know what is wrong? Doesn't X500Principal get a String?
  Yes, but as the javadocs clearly state the string must have a certain format; not just any string will do. See RFC 2253 for details on the format. Example:X500Principal subject = new X500Principal("CN=ghstark,C=US");

• Generate report using Word Report Generation VIs error

  When I Generate report using Word Report Generation VIs  ,the error is generated.
  This is  my Vi
  can somebody  tell the error reason?
  The attaché is Vi (one is 2011,other is 8.6)
  Attachments:
  report-8.6.vi ‏16 KB
  report2.vi ‏33 KB
  template.doc ‏40 KB

  Hi Ben64
               Thank you! The problem is solved.
     BUT when I use the Word Easy Graph vi  ,the result is
  I want the Graph (curve),like as:
  How Can I do get the picture.
  I have other problem. I want to get default name for the new word file.
  liang

• Generating reports using RWServlet.class(Patch-12)

  Sir,
  We have configured the Apache Tomcat-3.2.2 to be the servlet engine for generating reports using oracle.reports.rwcgi.RWServlet. Earlier we have been using, Patch-2. We have created many keys(cgicmd.dat) for the different reports that are there with the mostly needed report parameters(including PARAMFORM=YES). We call the report in the browser giving the URL "http://<machine_name>/oraclereports/servlet/oracle.reports.rwcgi.RWServlet?<key_name>". Now, the report page that gets generated is the parameter form. In the HTML source of this page, the form-submitting action is pointing correctly to URL "http://<machine_name>/oraclereports/servlet/oracle.reports.rwcgi.RWServlet.....". The parameter values are entered and the form submitted. The generated report is perfect..
  Some days before, Patch-10 was installed. The RWServlet.class that comes along with this was copied to the oracle/reports/rwcgi folder in Tomcat. Now, when the same steps(calling report) as done before were done, the report is not getting generated, giving the output for no page found. The HTML source of the parameter form shows the form-submitting-action URL as "http://<machine_name>/servlet/oracle.reports.rwcgi.RWServlet.." omitting the "oraclereports" that was there earlier.
  Now, we have installed Patch-12, copied the new RWServlet.class. For this case also, the same problem is now encountered. Now, have we have to do any additional configuration somewhere? The page that is generated, on giving the URL ""http://<machine_name>/oraclereports/servlet/oracle.reports.rwcgi.RWServlet/showenv?server=Rep60_MACHINENAME" is showing the SCRIPT_NAME as "/servlet/oracle.reports.rwcgi.RWServlet". Is it something to do with this? We tried putting SCRIPT_NAME as a user environment variable, and also by giving SET SCRIPT_NAME=/oraclereports. Still, the problem persists. Doesn't the HttpServletRequest class have some method that returns the SCRIPT_NAME, i.e, the path where the execution is being done? How could different versions of the same class oracle.reports.rwcgi.RWServlet deployed with the same settings on the Tomcat servlet engine behave differently? Please help us on how to solve this problem..
  Thank you,
  Regards..
  Ranjith

  Hi,
  Is there some way, i.e., by doing some Tomcat setting changes, that the RWServlet of Patch-10/12 can be made to work like RWServlet of Patch-2(with normal settings)? Please help..
  Thank you,
  Regards..
  Ranjith

• How do I configure a counter to generate pulses using DAQmx?

  How do I configure a counter to generate pulses using DAQmx?
  Is says in the DAQmx C reference help
  "CtrnInternalOutput—The signal at this internal terminal is where the pulsed or toggled output of the counter appears. The output of a counter pulses or toggles when the counter reaches terminal count. When counting down, the counter reaches terminal count when the count reaches zero. When counting up, the counter reaches terminal count when the counter rolls over. To configure the counter to toggle or generate pulses, use the Export Signal function/VI with Counter Output Event as the signal name."
  I've tried this but can't get it to work, I may have the parameters wrong or something. The DAQmxExportSignal() function is very unintuitive to me. Here is my counter config code...
  int ret = 0;
  ret = DAQmxCreateTask("",&task_);
  errorMsg(ret);
  if (ret != 0)
  throw ret;
  // Configure the counter
  ret = DAQmxCreateCOPulseChanTicks( task_, "Dev1/ctr0", "", "/Dev1/PFI8", DAQmx_Val_Low, 0, divider, divider );
  errorMsg(ret);
  ret = DAQmxCfgImplicitTiming( task_, DAQmx_Val_ContSamps, 1000 );
  errorMsg(ret);
  // Change to pulse mode
  ret = DAQmxExportSignal( task_, DAQmx_Val_CounterOutputEvent, "/Dev1/Ctr0InternalOutput" );
  errorMsg(ret);
  // Start the counter
  ret = DAQmxStartTask(task_);
  errorMsg(ret);
  The above code works fine, in toggle mode, if I just comment out the DAQmxExportSignal() part.
  HELP!!!
  Stefan

  The problem is due to the DAQmxExportSignal call.  By default, when you create a counter output pulse train task, the driver will automatically set the output of the counter to toggle when the count for each high ticks and low ticks expire.  The driver also automatically routes the signal present at Ctr0InternalOutput terminal (the output of the counter internal to the device) to the Ctr0Out terminal (the I/O pin available externally).  Using the line
   ret = DAQmxExportSignal( task_, DAQmx_Val_CounterOutputEvent, "/Dev1/Ctr0InternalOutput" );
  will tell the driver to tristate the Ctr0Out terminal and not output the signal to the external I/O pin.  Using the DAQmxExportSignal function is generally only useful if you want to route the signal to some other terminal internal to the board without having the output show up on the external connector, route the signal to some other external pin other than the default pin, or if you want to have the output show up at multiple locations. 
  If you want to change the output behavior from toggle to pulse, you need to use the DAQmxSetExportedCtrOutEventOutputBehavior function.  However, this is generally only useful if all you care about are edges (not the duty cycle of the pulse train), and you want to generate higher frequency signals.  For example, with a 20 MHz timebase as the source of your counter, you can only generate a 5 MHz pulse train by default.  This is because the minimum value for the low and high ticks parameter is 2 (20 MHz / 4 = 5 MHz).  By changing the output behavior form toggle to pulse, you can generate a pulse train at 10 MHz since the output is now pulsing instead of toggling.  However, the width of each pulse is not programmable so you will no longer have a 50% duty cycle signal.  I don't remember exactly what the width of each pulse is, but I believe it's in the neighborhood of 50 - 100 nanoseconds in width.  I hope this information helps.

• Problem while generating PDF using iText

  Hi:
  I have generated PDF using iText, where i have written all code in sequential flow.
  <code>
  com.lowagie.text.Document document = new com.lowagie.text.Document(PageSize.A4, 55, 5, 20, 20);
  OutputStream outputstream = response.getOutputStream();
  PdfWriter.getInstance(document,outputstream);
  </code>
  And i have added all fields in the document.
  But my problem is how to display total pagecount on all pages e.g.1\20 (because i have generated PDF sequentially)
  Also i want to add watermark on all pages.
  So, can any body help me to solve this problem?
  Thank You,
  Balaji

  sabre150 wrote:
  Maybe http://itext-general.2136553.n4.nabble.com/
  Nice pron link in there :/